#Debugging

  1. Reverse engineering the .car file format (compiled Asset Catalogs)

    An Asset Catalog is an important piece of any iOS, tvOS, watchOS and macOS application. It lets you organize and manage the different assets used by an app, such as images, sprites, textures, ARKit resources, colors and data.
    [Read More]
  2. VPNStatus, a replacement for macOS builtin VPN Status

    In this post I present VPNStatus, an application that replicates some functionalities of macOS built-in VPN status menu:
    [Read More]
  3. macOS VPN architecture from System Preferences down to nesessionmanager

    macOS 10.13 contains a built-in VPN client that natively supports L2TP over IPSec as well as IKEv2. In this post I describe some parts of the internal architecture of the macOS VPN client. This information will be used in a following article to build an application that replicates some functionalities of the VPN status in the menu bar. This application will also allow to auto connect to an IKEv2 VPN service, something that is currently not possible on macOS.
    [Read More]
  4. Facebook.app for iOS [v. 88.0] cleans up duplicates

    This post follows up the Analysis of the Facebook.app for iOS [v. 87.0].
    [Read More]
  5. Analysis of the Facebook.app for iOS [v. 87.0]

    In this article, I analyze the version 87.0 of the Facebook.app for iOS.
    [Read More]
  6. Deobfuscating libMobileGestalt keys

    /usr/lib/libMobileGestalt.dylib is a private library which provides an API to retrieve the capabilities of the iOS device, as well as some runtime information: system version, build version, device type, current status of the airplane mode, …
    [Read More]
  7. Testing if an arbitrary pointer is a valid Objective-C object

    Let’s say you pick a random pointer. Can we know if it points to a valid Objective-C object? Of course without crashing… Well there is no simple solution. In this post I give a solution for 64-bit architectures. The code provided has only been tested on macOS 10.12.1 and iOS 10.1.1 with the modern Objective-C runtime.
    [Read More]
  8. Analysis of the Facebook.app for iOS

    Did you ever wonder why the Facebook.app for iOS is such a big download? This post tries to give some answers. The version 66.0 (released on 7 October 2016) was analyzed on an iPad Air 2 (64-bit).
    [Read More]
  9. constructor and destructor attributes

    GCC (and Clang) supports constructor and destructor attributes: __attribute__((constructor)) __attribute__((destructor))
    [Read More]
  10. State Preservation and Restoration Debug Logs

    The State Preservation and Restoration system is well documented here: Preserving Your App’s Visual Appearance Across Launches. But what is not well known is that there is a secret preference to enable debug logs.
    [Read More]